преди 1 година · 8b0b1158b9
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/SignPrincipal.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/SignPrincipal.java
@@ -17,8 +17,8 @@
 
				 
			
 
				 package org.dromara.maxkey.authn;
			
 
				 
			
 
				-import java.util.ArrayList;
			
 
				 import java.util.Collection;
			
 
				+import java.util.List;
			
 
				 
			
 
				 import org.dromara.maxkey.authn.session.Session;
			
 
				 import org.dromara.maxkey.entity.UserInfo;
			
@@ -33,9 +33,13 @@ public class SignPrincipal implements  UserDetails {
 
				     UserDetails userDetails;
			
 
				     
			
 
				     String sessionId;
			
 
				-    ArrayList<GrantedAuthority> grantedAuthority;
			
 
				-    ArrayList<GrantedAuthority> grantedAuthorityApps;
			
 
				+    
			
 
				+    List<GrantedAuthority> grantedAuthority;
			
 
				+    
			
 
				+    List<GrantedAuthority> grantedAuthorityApps;
			
 
				+    
			
 
				     boolean authenticated;
			
 
				+    
			
 
				     boolean roleAdministrators;
			
 
				     
			
 
				 	private  boolean accountNonExpired;
			
@@ -104,7 +108,7 @@ public class SignPrincipal implements  UserDetails {
 
				         return grantedAuthority;
			
 
				     }
			
 
				 
			
 
				-    public ArrayList<GrantedAuthority> getGrantedAuthority() {
			
 
				+    public List<GrantedAuthority> getGrantedAuthority() {
			
 
				         return grantedAuthority;
			
 
				     }
			
 
				 
			
@@ -116,7 +120,7 @@ public class SignPrincipal implements  UserDetails {
 
				         this.userDetails = userDetails;
			
 
				     }
			
 
				 
			
 
				-    public void setGrantedAuthority(ArrayList<GrantedAuthority> grantedAuthority) {
			
 
				+    public void setGrantedAuthority(List<GrantedAuthority> grantedAuthority) {
			
 
				         this.grantedAuthority = grantedAuthority;
			
 
				     }
			
 
				 
			
@@ -159,11 +163,11 @@ public class SignPrincipal implements  UserDetails {
 
				         return this.enabled;
			
 
				     }
			
 
				 
			
 
				-    public ArrayList<GrantedAuthority> getGrantedAuthorityApps() {
			
 
				+    public List<GrantedAuthority> getGrantedAuthorityApps() {
			
 
				         return grantedAuthorityApps;
			
 
				     }
			
 
				 
			
 
				-    public void setGrantedAuthorityApps(ArrayList<GrantedAuthority> grantedAuthorityApps) {
			
 
				+    public void setGrantedAuthorityApps(List<GrantedAuthority> grantedAuthorityApps) {
			
 
				         this.grantedAuthorityApps = grantedAuthorityApps;
			
 
				     }
			
 
				 
			
--- a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/AbstractAuthenticationProvider.java
+++ b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/AbstractAuthenticationProvider.java
@@ -18,6 +18,7 @@
 
				 package org.dromara.maxkey.authn.provider;
			
 
				 
			
 
				 import java.util.ArrayList;
			
 
				+import java.util.List;
			
 
				 
			
 
				 import org.dromara.maxkey.authn.LoginCredential;
			
 
				 import org.dromara.maxkey.authn.SignPrincipal;
			
@@ -109,7 +110,7 @@ public abstract class AbstractAuthenticationProvider {
 
				         //set session with principal
			
 
				         SignPrincipal principal = new SignPrincipal(userInfo,session);
			
 
				 
			
 
				-        ArrayList<GrantedAuthority> grantedAuthoritys = authenticationRealm.grantAuthority(userInfo);
			
 
				+        List<GrantedAuthority> grantedAuthoritys = authenticationRealm.grantAuthority(userInfo);
			
 
				         principal.setAuthenticated(true);
			
 
				         
			
 
				         for(GrantedAuthority administratorsAuthority : grantedAdministratorsAuthoritys) {
			
--- a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/realm/AbstractAuthenticationRealm.java
+++ b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/realm/AbstractAuthenticationRealm.java
@@ -17,14 +17,13 @@
 
				 
			
 
				 package org.dromara.maxkey.authn.realm;
			
 
				 
			
 
				-import java.util.ArrayList;
			
 
				 import java.util.Date;
			
 
				 import java.util.List;
			
 
				 
			
 
				 import org.dromara.maxkey.authn.SignPrincipal;
			
 
				 import org.dromara.maxkey.authn.realm.ldap.LdapAuthenticationRealmService;
			
 
				+import org.dromara.maxkey.entity.Groups;
			
 
				 import org.dromara.maxkey.entity.HistoryLogin;
			
 
				-import org.dromara.maxkey.entity.Roles;
			
 
				 import org.dromara.maxkey.entity.UserInfo;
			
 
				 import org.dromara.maxkey.ip2location.IpLocationParser;
			
 
				 import org.dromara.maxkey.ip2location.Region;
			
@@ -89,8 +88,8 @@ public abstract class AbstractAuthenticationRealm {
 
				 
			
 
				     public abstract boolean passwordMatches(UserInfo userInfo, String password);
			
 
				     
			
 
				-    public List<Roles> queryGroups(UserInfo userInfo) {
			
 
				-       return loginRepository.queryRoles(userInfo);
			
 
				+    public List<Groups> queryGroups(UserInfo userInfo) {
			
 
				+       return loginRepository.queryGroups(userInfo);
			
 
				     }
			
 
				 
			
 
				     /**
			
@@ -99,7 +98,7 @@ public abstract class AbstractAuthenticationRealm {
 
				      * @param userInfo
			
 
				      * @return ArrayList<GrantedAuthority>
			
 
				      */
			
 
				-    public ArrayList<GrantedAuthority> grantAuthority(UserInfo userInfo) {
			
 
				+    public List<GrantedAuthority> grantAuthority(UserInfo userInfo) {
			
 
				         return loginRepository.grantAuthority(userInfo);
			
 
				     }
			
 
				     
			
@@ -109,7 +108,7 @@ public abstract class AbstractAuthenticationRealm {
 
				      * @param grantedAuthoritys
			
 
				      * @return ArrayList<GrantedAuthority Apps>
			
 
				      */
			
 
				-    public ArrayList<GrantedAuthority> queryAuthorizedApps(ArrayList<GrantedAuthority> grantedAuthoritys) {
			
 
				+    public List<GrantedAuthority> queryAuthorizedApps(List<GrantedAuthority> grantedAuthoritys) {
			
 
				         return loginRepository.queryAuthorizedApps(grantedAuthoritys);
			
 
				     }
			
 
				 
			
--- a/maxkey-core/src/main/java/org/dromara/maxkey/persistence/repository/LoginRepository.java
+++ b/maxkey-core/src/main/java/org/dromara/maxkey/persistence/repository/LoginRepository.java
@@ -24,9 +24,10 @@ import java.util.ArrayList;
 
				 import java.util.Date;
			
 
				 import java.util.List;
			
 
				 
			
 
				+import org.apache.commons.collections4.CollectionUtils;
			
 
				 import org.dromara.maxkey.constants.ConstsRoles;
			
 
				 import org.dromara.maxkey.constants.ConstsStatus;
			
 
				-import org.dromara.maxkey.entity.Roles;
			
 
				+import org.dromara.maxkey.entity.Groups;
			
 
				 import org.dromara.maxkey.entity.UserInfo;
			
 
				 import org.dromara.maxkey.util.StringUtils;
			
 
				 import org.slf4j.Logger;
			
@@ -37,7 +38,7 @@ import org.springframework.security.core.GrantedAuthority;
 
				 import org.springframework.security.core.authority.SimpleGrantedAuthority;
			
 
				 
			
 
				 public class LoginRepository {
			
 
				-    private static Logger _logger = LoggerFactory.getLogger(LoginRepository.class);
			
 
				+    private static final Logger _logger = LoggerFactory.getLogger(LoginRepository.class);
			
 
				 
			
 
				     private static final String LOCK_USER_UPDATE_STATEMENT = "update mxk_userinfo set islocked = ?  , unlocktime = ? where id = ?";
			
 
				 
			
@@ -52,7 +53,7 @@ public class LoginRepository {
 
				 
			
 
				 
			
 
				 
			
 
				-    private static final String ROLES_SELECT_STATEMENT = "select distinct g.id,g.groupcode,g.groupname from mxk_userinfo u,mxk_groups g,mxk_group_member gm where u.id = ?  and u.id=gm.memberid and gm.groupid=g.id ";
			
 
				+    private static final String GROUPS_SELECT_STATEMENT = "select distinct g.id,g.groupcode,g.groupname from mxk_userinfo u,mxk_groups g,mxk_group_member gm where u.id = ?  and u.id=gm.memberid and gm.groupid=g.id ";
			
 
				 
			
 
				     private static final String DEFAULT_USERINFO_SELECT_STATEMENT = "select * from  mxk_userinfo where username = ? ";
			
 
				     
			
@@ -60,7 +61,7 @@ public class LoginRepository {
 
				     
			
 
				     private static final String DEFAULT_USERINFO_SELECT_STATEMENT_USERNAME_MOBILE_EMAIL = "select * from  mxk_userinfo where (username = ? or mobile = ? or email = ?) ";
			
 
				     
			
 
				-    private static final String DEFAULT_MYAPPS_SELECT_STATEMENT = "select distinct app.id,app.appname from mxk_apps app,mxk_group_permissions gp,mxk_groups g  where app.id=gp.appid and app.status =	1 and gp.groupid=g.id and g.id in(%s)";
			
 
				+    private static final String DEFAULT_MYAPPS_SELECT_STATEMENT = "select distinct app.id,app.appname from mxk_apps app,mxk_group_permissions gp,mxk_groups g  where app.id=gp.appid and app.status = 1 and gp.groupid=g.id and g.id in(%s)";
			
 
				     
			
 
				     protected JdbcTemplate jdbcTemplate;
			
 
				     
			
@@ -86,13 +87,8 @@ public class LoginRepository {
 
				         }else if( LOGIN_ATTRIBUTE_TYPE == 3) {
			
 
				         	 listUserInfo = findByUsernameOrMobileOrEmail(username,password);
			
 
				         }
			
 
				-        
			
 
				-        UserInfo userInfo = null;
			
 
				-        if (listUserInfo != null && listUserInfo.size() > 0) {
			
 
				-            userInfo = listUserInfo.get(0);
			
 
				-        }
			
 
				-        _logger.debug("load UserInfo : " + userInfo);
			
 
				-        return userInfo;
			
 
				+        _logger.debug("load UserInfo : {}" , listUserInfo);
			
 
				+        return (CollectionUtils.isNotEmpty(listUserInfo))? listUserInfo.get(0) : null;
			
 
				     }
			
 
				     
			
 
				     public List<UserInfo> findByUsername(String username, String password) {
			
@@ -194,7 +190,7 @@ public class LoginRepository {
 
				         }
			
 
				     }
			
 
				     
			
 
				-    public ArrayList<GrantedAuthority> queryAuthorizedApps(ArrayList<GrantedAuthority> grantedAuthoritys) {
			
 
				+    public List<GrantedAuthority> queryAuthorizedApps(List<GrantedAuthority> grantedAuthoritys) {
			
 
				         String grantedAuthorityString="'ROLE_ALL_USER'";
			
 
				         for(GrantedAuthority grantedAuthority : grantedAuthoritys) {
			
 
				             grantedAuthorityString += ",'"+ grantedAuthority.getAuthority()+"'";
			
@@ -208,20 +204,18 @@ public class LoginRepository {
 
				             }
			
 
				         });
			
 
				 
			
 
				-        _logger.debug("list Authorized Apps  " + listAuthorizedApps);
			
 
				+        _logger.debug("list Authorized Apps  {}" , listAuthorizedApps);
			
 
				         return listAuthorizedApps;
			
 
				     }
			
 
				     
			
 
				-    public List<Roles> queryRoles(UserInfo userInfo) {
			
 
				-        List<Roles> listRoles = jdbcTemplate.query(ROLES_SELECT_STATEMENT, new RowMapper<Roles>() {
			
 
				-            public Roles mapRow(ResultSet rs, int rowNum) throws SQLException {
			
 
				-                Roles role = new Roles(rs.getString("id"), rs.getString("groupcode"),rs.getString("groupname"), 0);
			
 
				-
			
 
				-                return role;
			
 
				+    public List<Groups> queryGroups(UserInfo userInfo) {
			
 
				+        List<Groups> listRoles = jdbcTemplate.query(GROUPS_SELECT_STATEMENT, new RowMapper<Groups>() {
			
 
				+            public Groups mapRow(ResultSet rs, int rowNum) throws SQLException {
			
 
				+                return new Groups(rs.getString("id"), rs.getString("groupcode"),rs.getString("groupname"), 0);
			
 
				             }
			
 
				         }, userInfo.getId());
			
 
				 
			
 
				-        _logger.debug("list Roles  " + listRoles);
			
 
				+        _logger.debug("list Roles  {}" , listRoles);
			
 
				         return listRoles;
			
 
				     }
			
 
				 
			
@@ -231,23 +225,23 @@ public class LoginRepository {
 
				      * @param userInfo
			
 
				      * @return ArrayList<GrantedAuthority>
			
 
				      */
			
 
				-    public ArrayList<GrantedAuthority> grantAuthority(UserInfo userInfo) {
			
 
				-        // query roles for user
			
 
				-        List<Roles> listRoles = queryRoles(userInfo);
			
 
				+    public List<GrantedAuthority> grantAuthority(UserInfo userInfo) {
			
 
				+        // query Groups for user
			
 
				+        List<Groups> listGroups = queryGroups(userInfo);
			
 
				 
			
 
				-        //set default roles
			
 
				-        ArrayList<GrantedAuthority> grantedAuthority = new ArrayList<GrantedAuthority>();
			
 
				+        //set default groups
			
 
				+        ArrayList<GrantedAuthority> grantedAuthority = new ArrayList<>();
			
 
				         grantedAuthority.add(ConstsRoles.ROLE_USER);
			
 
				         grantedAuthority.add(ConstsRoles.ROLE_ALL_USER);
			
 
				         grantedAuthority.add(ConstsRoles.ROLE_ORDINARY_USER);
			
 
				-        for (Roles role : listRoles) {
			
 
				-            grantedAuthority.add(new SimpleGrantedAuthority(role.getId()));
			
 
				-            if(role.getRoleCode().startsWith("ROLE_") 
			
 
				-            		&& !grantedAuthority.contains(new SimpleGrantedAuthority(role.getRoleCode()))) {
			
 
				-            	grantedAuthority.add(new SimpleGrantedAuthority(role.getRoleCode()));
			
 
				+        for (Groups group : listGroups) {
			
 
				+            grantedAuthority.add(new SimpleGrantedAuthority(group.getId()));
			
 
				+            if(group.getGroupCode().startsWith("ROLE_") 
			
 
				+            		&& !grantedAuthority.contains(new SimpleGrantedAuthority(group.getGroupCode()))) {
			
 
				+            	grantedAuthority.add(new SimpleGrantedAuthority(group.getGroupCode()));
			
 
				             }
			
 
				         }
			
 
				-        _logger.debug("Authority : " + grantedAuthority);
			
 
				+        _logger.debug("Authority : {}" , grantedAuthority);
			
 
				 
			
 
				         return grantedAuthority;
			
 
				     }
			
--- a/maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/service/HistoryLoginAppsService.java
+++ b/maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/service/HistoryLoginAppsService.java
@@ -29,16 +29,36 @@ public class HistoryLoginAppsService  extends JpaService<HistoryLoginApps>{
 
				 		super(HistoryLoginAppsMapper.class);
			
 
				 	}
			
 
				 
			
 
				-
			
 
				-	/* (non-Javadoc)
			
 
				-	 * @see com.connsec.db.service.BaseService#getMapper()
			
 
				-	 */
			
 
				+	
			
 
				 	@Override
			
 
				 	public HistoryLoginAppsMapper getMapper() {
			
 
				 		return (HistoryLoginAppsMapper)super.getMapper();
			
 
				 	}
			
 
				 	
			
 
				+	@Override
			
 
				 	public boolean  insert(HistoryLoginApps loginAppsHistory){
			
 
				-		return getMapper().insert(loginAppsHistory)> 0;
			
 
				+		//new Thread insert login app history
			
 
				+		new Thread(new HistoryLoginAppsRunnable(getMapper(),loginAppsHistory)).start();
			
 
				+		return true;
			
 
				+	}
			
 
				+	
			
 
				+	public class HistoryLoginAppsRunnable implements Runnable{
			
 
				+
			
 
				+		HistoryLoginAppsMapper historyLoginAppsMapper;
			
 
				+		
			
 
				+		HistoryLoginApps loginAppsHistory;
			
 
				+		
			
 
				+		public HistoryLoginAppsRunnable(HistoryLoginAppsMapper historyLoginAppsMapper,
			
 
				+				HistoryLoginApps loginAppsHistory) {
			
 
				+			super();
			
 
				+			this.historyLoginAppsMapper = historyLoginAppsMapper;
			
 
				+			this.loginAppsHistory = loginAppsHistory;
			
 
				+		}
			
 
				+
			
 
				+		@Override
			
 
				+		public void run() {
			
 
				+			historyLoginAppsMapper.insert(loginAppsHistory);
			
 
				+		}
			
 
				+		
			
 
				 	}
			
 
				 }
			
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java
@@ -13,6 +13,7 @@
 
				 package org.dromara.maxkey.authz.oauth2.provider;
			
 
				 
			
 
				 import java.util.ArrayList;
			
 
				+import java.util.List;
			
 
				 
			
 
				 import org.dromara.maxkey.authn.SignPrincipal;
			
 
				 import org.dromara.maxkey.authn.provider.AbstractAuthenticationProvider;
			
@@ -52,7 +53,7 @@ public class OAuth2UserDetailsService implements UserDetailsService {
 
				 		//set OnlineTicket
			
 
				 		principal.setSessionId(onlineTicket.getId());
			
 
				         
			
 
				-        ArrayList<GrantedAuthority> grantedAuthoritys = loginRepository.grantAuthority(userInfo);
			
 
				+        List<GrantedAuthority> grantedAuthoritys = loginRepository.grantAuthority(userInfo);
			
 
				         principal.setAuthenticated(true);
			
 
				         
			
 
				         for(GrantedAuthority administratorsAuthority : AbstractAuthenticationProvider.grantedAdministratorsAuthoritys) {
			
--- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/contorller/ForgotPasswordContorller.java
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/contorller/ForgotPasswordContorller.java
@@ -58,16 +58,16 @@ public class ForgotPasswordContorller {
 
				     EmailConfig emailConfig;
			
 
				     
			
 
				     public class ForgotType{
			
 
				-        public final static int NOTFOUND = 1;
			
 
				-        public final static int EMAIL = 2;
			
 
				-        public final static int MOBILE = 3;
			
 
				-        public final static int CAPTCHAERROR = 4;
			
 
				+        public static final  int NOTFOUND 			= 1;
			
 
				+        public static final  int EMAIL 				= 2;
			
 
				+        public static final  int MOBILE 			= 3;
			
 
				+        public static final  int CAPTCHAERROR 		= 4;
			
 
				     }
			
 
				     
			
 
				     public class PasswordResetResult{
			
 
				-        public final static int SUCCESS = 1;
			
 
				-        public final static int CAPTCHAERROR = 2;
			
 
				-        public final static int PASSWORDERROR = 3;
			
 
				+        public static final  int SUCCESS 			= 1;
			
 
				+        public static final  int CAPTCHAERROR 		= 2;
			
 
				+        public static final  int PASSWORDERROR 		= 3;
			
 
				     }
			
 
				     
			
 
				     @Autowired